<?php
include "header.php";
include "mysqli_connection.php";

if (!isset($_SESSION["username"])){
	echo "<script>window.location.href='login.php'</script>";
}
else{
?>
<script>change_picture("admin");</script>
<script>
function jump(){
	window.location.href='managegroups.php';
}
window.setTimeout("jump();",3000);
</script>
<div>
<?php
	if (isset($_POST["g_id"]) && $_POST["g_id"] !== ""){
		$g_id = $mysqli->real_escape_string(trim($_POST["g_id"]));
		if ($g_id == 0){
			$query = "INSERT INTO Groups (name, number) VALUES (?, ?);";
			$stmt = $mysqli->stmt_init();
			if ($stmt = $mysqli->prepare($query)){
				$stmt->bind_param("si", trim($_POST["name"]), trim($_POST["number"]));
				if (!$stmt->execute()){
					$stmt->close();
					echo "Insert failed! ";
				}
				else{
					$stmt->close();
					$query = "SELECT g_id FROM Groups WHERE (name = ? ) AND (number = ?);";
					$stmt = $mysqli->stmt_init();
					if ($stmt = $mysqli->prepare($query)){
						$stmt->bind_param("si", trim($_POST["name"]), trim($_POST["number"]));
						$stmt->execute();
						$stmt->bind_result($g_id);
						if ($stmt->fetch()){
							$stmt->close();
							if ($_POST["course_list"] !== ""){
								$course_list = explode(",", $_POST["course_list"]);
								$ok = true;
								$query = "INSERT INTO Course_Group (c_id, g_id) VALUES (?, ?);";
								$stmt = $mysqli->stmt_init();
								if ($stmt = $mysqli->prepare($query)){
									$stmt->bind_param("ii", $item, $g_id);
									foreach ($course_list as $item){
										if (!$stmt->execute()){
											$ok = false;
										}
									}
								}
								else{
									$ok = false;
								}
								$stmt->close();
								if (!$ok){
									echo "Update failed! ";
								}
								else{
									echo "Update Succeed! ";
								}
							}
							else{
								echo "Update Succeed! ";
							}
						}
						else{
							$stmt->close();
							echo "Insert failed! ";
						}
					}
				}
			}
		}
		else{
			$query = "UPDATE Groups SET name = ?, number = ? WHERE g_id = ?;";
			$stmt = $mysqli->stmt_init();
			if ($stmt = $mysqli->prepare($query)){
				$stmt->bind_param("sii", trim($_POST["name"]), trim($_POST["number"]), $g_id);
				if (!$stmt->execute()){
					$stmt->close();
					echo "Update failed! ";
				}
				else{
					$stmt->close();
					$query = "DELETE FROM Course_Group WHERE g_id = ?;";
					$stmt = $mysqli->stmt_init();
					if ($stmt = $mysqli->prepare($query)){
						$stmt->bind_param("i", $g_id);
						if (!$stmt->execute()){
							$stmt->close();
							echo "Update failed! ";
						}
						else{
							$stmt->close();
							if ($_POST["course_list"] !== ""){
								$course_list = explode(",", $_POST["course_list"]);
								$ok = true;
								$query = "INSERT INTO Course_Group (c_id, g_id) VALUES (?, ?);";
								$stmt = $mysqli->stmt_init();
								if ($stmt = $mysqli->prepare($query)){
									$stmt->bind_param("ii", $item, $g_id);
									foreach ($course_list as $item){
										if (!$stmt->execute()){
											$ok = false;
										}
									}
								}
								else{
									$ok = false;
								}
								$stmt->close();
								if (!$ok){
									echo "Update failed! ";
								}
								else{
									echo "Update Succeed! ";
								}
							}
							else{
								echo "Update Succeed! ";
							}
						}
					}
				}
			}
		}
	}
?>
Jumping to manage courses page in 3 seconds...<br />
<a href="managegroups.php">Click here to jump immediately</a>
</div>

<?php
}
include "footer.php";